package ace.cmp.security.oauth2.resource.server.api;

import ace.cmp.core.model.R;
import ace.cmp.security.core.impl.model.dto.AceIntrospectPrincipalDto;
import jakarta.validation.constraints.NotEmpty;
import org.springframework.http.HttpHeaders;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RequestParam;

/**
 * @author caspar
 * @date 2023/8/1 15:40
 */
@Validated
public interface TokenAuthenticationApi {
  /**
   * 验证解析token
   *
   * @param authorization 客户端认证方式
   * @param token         token
   * @return
   */
  @PostMapping
  R<AceIntrospectPrincipalDto> introspect(
      @NotEmpty @RequestHeader(HttpHeaders.AUTHORIZATION) String authorization,
      @NotEmpty @RequestParam("token") String token);
}
